Venafi / blueprint-securesoftwarepipeline
For engineers and security teams driving fast and secure software supply chains
☆83Updated 2 years ago
Alternatives and similar repositories for blueprint-securesoftwarepipeline:
Users that are interested in blueprint-securesoftwarepipeline are comparing it to the libraries listed below
- Count distinct contributor of Snyk watched repos across several SCM☆32Updated 10 months ago
- This repo is a consolidation of Secure Software Supply Chain resources, such as talks, whitepapers, conferences and more.☆138Updated 2 years ago
- The Open Threat Modeling Format (OTM) defines a platform independent way to define the threat model of any system.☆171Updated 5 months ago
- Gathers AWS inventory and outputs CSV in the format for FedRAMP SSP☆36Updated 6 years ago
- The Amazon Elastic Kubernetes Service (EKS) Creation Engine (ECE) is a Python command-line program created by the Lightspin Office of the…☆40Updated 2 years ago
- OWASP Foundation Web Respository☆55Updated 2 years ago
- Create custom auto-remediation solutions using serverless functions in the cloud.☆53Updated last year
- Rego policies for enterprise-scale Compliance-as-Code with OPA Conftest.☆58Updated last year
- Compares and analyzes GCP IAM roles.☆77Updated last month
- OWASP Foundation Web Respository☆82Updated 3 months ago
- A collection of DoD and Federal Government Cloud Computing Resources☆48Updated 4 years ago
- ☆116Updated last month
- CloudSplaining on AWS Managed Policies☆41Updated this week
- Useful scripts, Docker images, docker-compose apps, and Terraform modules.☆142Updated last week
- ☆112Updated 3 months ago
- A curated list of policy-as-code resources like blogs, videos, and tools to practice on for learning Policy-as-Code.☆188Updated last year
- ☆16Updated 11 months ago
- This repository is a collection of resources to help facilitate compliance innovation utilizing Cloud, DevSecOps and Software Factory tec…☆71Updated last year
- KaiMonkey provides vulnerable infrastructure as code (IaC) to help explore and understand common cloud security threats exposed via IaC.☆97Updated last year
- A collection of DevSecOps reference architectures☆67Updated 4 years ago
- GitHub action to scan container images with Palo Alto Networks' Prisma Cloud☆57Updated 3 weeks ago
- OWASP Foundation Threat Dragon Project Web Repository☆79Updated last week
- Archivista is a graph and storage service for in-toto attestations. Archivista enables the discovery and retrieval of attestations for so…☆85Updated this week
- This repo. is archived. The utility is now at: https://github.com/CycloneDX/sbom-utility☆60Updated 2 years ago
- A compliance analysis tool which enables organizations to more quickly articulate their compliance posture and also generate supporting e…☆40Updated 3 weeks ago
- Programmatically open new JIRA tickets for all Snyk Issues☆52Updated 3 weeks ago
- Software Component Verification Standard (SCVS)☆143Updated 3 weeks ago
- Kubernetes Common Configuration Scoring System☆124Updated 2 years ago
- vexctl is a tool to attest VEX impact statements☆44Updated 2 years ago
- Examples of integrating the Snyk CLI into a CI/CD system☆87Updated 4 months ago